niceLogon
Special Features
- hack cannot logon your account with identical steps as you
did; select one single unforgettable word to cover all your
accounts in life time; there is no harms even if clients'
authentication info is stolen from server.

Client generates a random code
called VerificationToken™,
encrypts the VerificationToken™
with server’s public key, and sends the
encrypted VerificationToken™
to server.

Server decrypts the encrypted
VerificationToken™
with server’s private key to obtain the
VerificationToken™,
generates a random code called LogonToken™,
encrypts the received VerificationToken™
and the LogonToken™
with client’s public key, and sends the
encrypted information to client.

Client decrypts the encrypted
information with client’s private key to
obtain the returned VerificationToken™
and the LogonToken™,
checks the returned VerificationToken™
to ensure that it is identical to the original
VerificationToken™
to authenticate server’s identity, encrypted
the received LogonToken™
with server’s public key, and sends the
encrypted LogonToken™
to server.

Server decrypts the encrypted
LogonToken™ with server’s private key to
obtain the returned LogonToken™, checks the
returned LogonToken™ to ensure that it is
identical to the original LogonToken™ to
authenticate client’s identity, provides a
LogonURL™ in the form of server’s IP address,
encrypts the LogonURL™ with client’s public
key, and sends the encrypted LogonURL™ to
client.

For
convenience, account holder selects a domain name
of server to initiate connection; then logon at an IP address provided
by the authenticated server to avoid DNS hackings.

Server may use fixed
or floating IP
address.

All web browsers do not need any
changes; server use niceLogon™
server software to replace logon web page that requests client to enter
account ID and password, after authenticating client's identify, all the
following process may remain the same.